ThreeD

Privacy Policy

Last updated: 20 June 2026

This Privacy Policy explains how ThreeD ("we", "us", or "our") collects, uses, discloses, and protects your personal information when you use our website, web application, and related services (collectively, the "Service"). By using the Service, you agree to the practices described in this Policy.

Your Creative Work Is Processed Locally

The privacy of your work matters to us. The designs, images, models, renders, and other creative content you produce with the Service are processed locally on your own device and are not uploaded to our servers. We cannot see your creative work unless you choose to send it to us (for example, as part of a support request).

The only personal information we store is the limited account and billing data described below, which we hold with our backend provider, Convex.

1. Information We Collect

We collect the following categories of personal information:

1.1. Account and Login Information

When you register and sign in, we collect information such as your name, email address, username, and password (stored in hashed form). We may also collect authentication data if you sign in through a third-party identity provider. This information is stored with our backend provider, Convex.

1.2. Payment Information

When you make a purchase, payment is processed directly by Stripe, our third-party payment processor. Stripe collects and handles your card and billing details under its own privacy terms; we never receive or store your full card number. On our side, with our backend provider Convex, we store only the minimal information needed to recognize you as a paid user — such as your account identifier, a Stripe reference (e.g. customer or transaction ID), and your payment status. We do not store any additional billing information.

1.3. Analytics and Usage Data

We collect information about how you interact with the Service so we know what to build, improve, and fix. This is usage and diagnostic data only — it does not include your creative content. It may include:

  • Device and browser type, operating system, and language settings;
  • IP address and approximate location derived from it;
  • Pages or features viewed, actions taken, and timestamps;
  • Referring URLs and session information;
  • Crash reports and performance data.

1.4. Cookies and Similar Technologies

We use cookies and similar technologies to operate the Service, remember your preferences, keep you signed in, and measure usage. See Section 8 for details.

2. How We Use Your Information

We use personal information to:

  • Provide, operate, and maintain the Service;
  • Create and manage your Account and authenticate you;
  • Process payments and manage your purchase and license;
  • Understand and analyze how the Service is used and improve it;
  • Communicate with you about your Account, updates, security alerts, and support;
  • Send marketing communications where permitted (you may opt out at any time);
  • Detect, prevent, and address fraud, abuse, and security issues;
  • Comply with legal obligations and enforce our Terms.

3. Our Commitment Under Australian Privacy Law

We are based in Australia and handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Because the Service is available worldwide, we also seek to comply with other data protection laws that apply to our users, including the GDPR (EU/UK) and the CCPA/CPRA (California), as described below.

4. Legal Bases for Processing (where applicable)

Where data protection laws such as the GDPR apply, we rely on the following legal bases:

  • Performance of a contract — to provide the Service you have signed up for;
  • Legitimate interests — to operate, secure, and improve the Service;
  • Consent — for certain analytics, cookies, and marketing communications;
  • Legal obligation — to comply with applicable laws.

5. How We Share Your Information

We do not sell your personal information. We may share it with:

  • Service providers that help us operate the Service, such as hosting, payment processing, analytics, and customer support providers, who are authorized to use your information only as necessary to provide their services to us;
  • Professional advisors, such as lawyers and auditors, where necessary;
  • Authorities or third parties when required by law, legal process, or to protect our rights, users, or the public;
  • A successor entity in connection with a merger, acquisition, or sale of assets, subject to this Policy.

6. Third-Party Processors

We work with a small number of trusted third parties to deliver the Service. None of them receive your creative work, which stays on your device. They may include:

  • Backend and database: Convex (stores your account and billing records)
  • Payment processing: Stripe
  • Analytics: PostHog and/or Google Analytics
  • Email and communications: Substack

Each processor handles your information under its own privacy terms and our data processing agreements.

7. International Data Transfers

Your information may be processed and stored in countries other than your own, including outside Australia (for example, where our hosting, payment, or analytics providers are located). Where we transfer personal information across borders, we take reasonable steps to ensure it is handled consistently with this Policy and with applicable law, including, where required, standard contractual clauses or equivalent safeguards. By using the Service, you acknowledge that your information may be processed outside the country in which you reside.

8. Cookies and Tracking

We use the following categories of cookies:

  • Strictly necessary — required for the Service to function (e.g. session and authentication);
  • Functional — remember your preferences and settings;
  • Analytics/performance — help us understand usage and improve the Service.

You can control cookies through your browser settings and, where applicable, through our cookie consent banner. Disabling some cookies may affect functionality. See our separate Cookie Policy for more detail.

9. Data Retention

We retain personal information for as long as your Account is active or as needed to provide the Service, and thereafter as required to comply with legal obligations, resolve disputes, and enforce our agreements. When information is no longer needed, we delete or anonymize it.

10. Data Security and Data Breaches

We implement technical and organizational measures designed to protect personal information against unauthorized access, loss, or misuse, including encryption in transit, access controls, and secure storage of credentials. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

If we become aware of a data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches scheme under the Privacy Act 1988 (Cth), and any other regulators or individuals as required by applicable law.

11. Your Rights

Depending on your location, you may have the right to:

  • Access the personal information we hold about you;
  • Request correction of inaccurate information;
  • Request deletion of your information;
  • Object to or restrict certain processing;
  • Request a portable copy of your information;
  • Withdraw consent where processing is based on consent;
  • Opt out of marketing communications;
  • Lodge a complaint with a data protection authority.

To exercise these rights, contact us. See details below. We will respond within the timeframe required by applicable law. We may need to verify your identity before fulfilling a request.

Australian Residents

If you are in Australia, you may request access to, or correction of, the personal information we hold about you. If you are not satisfied with how we have handled your personal information or a privacy request, you may contact us. See details below. If we do not resolve your complaint to your satisfaction, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

California Residents

If you are a California resident, you have rights under the CCPA/CPRA, including the right to know, delete, correct, and opt out of the "sale" or "sharing" of personal information. We do not sell personal information. You may exercise these rights using the contact details below, and you will not be discriminated against for doing so.

12. Children's Privacy

The Service is not directed to children under 16, and we do not knowingly collect personal information from them. If you believe a child has provided us personal information, contact us and we will take appropriate steps to delete it.

13. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the Service or by email and update the "Last updated" date above. Your continued use of the Service after the changes take effect constitutes acceptance of the revised Policy.

14. Contact Us

ThreeD is fully owned by Giorgia B. If you have questions or requests regarding this Privacy Policy or your personal information, contact us at:

ThreeD Level 1, 9-13 Bronte Road, Bondi Junction, NSW 2022 Email: help@trythreed.com